TEMENOS

Transact Security Management System Learning Commur,iby'

Practice » Yes/No
1- USER 2- Wrong, need an authorizer step 3- Yes 4- Deactivate with absence/holiday feature 5-
ALL. PG 6- Date last sign on and time last sign on in User

I Practice » Yes/No
• VTÄich application controls the rivileges of a user
• As soon as a user inputs a new value, it is a le data.
• A User can access multiple companies.
• How do you de-activate a User Profile?
• is the value you would give in the Field Application to give the user access to all the
applications?
• Vfrere is the logging information stored in Transact?

02022 Temenos Headquarters SA - all rights reserved 31

 TEMENOS
Transact Security Management System Learning Communiby'

User Profiles
Lesson Overview
In this lesson I am going to describe Access, Activity Logging, User Groups, User Roles and User Administration

I Lesson Overview

TEMENOS

02022 Temenos Headquarters SA - all rights reserved 32

TEMENOS Transact Security Management System Learning Communiby'

Access
The Transact User Profile encompasses different concepts. Authentication, Company, Restricted hours,
Department, Timeout, Application, Group, Role, Log, Authorize, Read-write. All this features are defined in
the User Profile.

I Access
Authentication Company

Restricted hours Department

Timeout
O Application

Group
Write
log Role Authorize Read
TEMENOS i"G Co.-it/

02022 Temenos Headquarters SA - all rights reserved 33

 TEMENOS
Transact Security Management System Learning Communiby'

Access » Company and Applications

For all Users, we can specify what can be accessed and performed in Transact at 5 levels: .
COMPANY APPLICATION, VERSION/ENQUIRY FUNCTION FIELD The COMPANY RESTRiction field
contains a valid company code. This is used to specify a Company in which we want to set
access rights for a User. This company should be defined as part of the COMPANY CODE field.
"ALL" will allow the user access for all
companies listed in the
COMPANY.CODE field. The APPLICATION
field can contain a valid application
name which the User can CUS access.
ALL.PG implies that the user will have
access to all applications in AaBCDEFHlLPRsv
Transact in
the company specified in the field
COMPANY RESTRiction
USER,

I Access » Company and

Applications
• 5 levels for all users the information and facilities which may be accessed
• COMPANY, APPLICATION, VERSION/ENQUIRY, FUNCTION and FIELD
TEMENOS
Cm-it/

02022 Temenos Headquarters SA - all rights reserved 34

TEMENOS Transact Security Management System Learning Communiby'

Access » Screen Functions

A VERSION is the Transact screen which can be accessed. The Application specified in the Application field
can only be accessed via this Version in this Company. The FUNCTION field is where we list the valid
functions that the user can PERFORM in this Company. Typing ALL in this field will give access to all the
functions in Transact. When the record is committed it will display the values as indicated in the screenshot.
'A' is a function which allows the user to authorize a record. 2' is used to indicate second-level authorisation.
For a User to authorize a record in INA2 Status, a value of 2 needs to be set in the FUNCTION field of their
USER profile. 'B' is used for moving Backwards. This function is not available in Browser but is available in
Classic. 'C' is a function which allows the user to copy a record. 'D' is a function which allows the user to
delete a record which is not yet authorized. Take note that a live record cannot be deleted. 'E' function
allows the user to list unauthorized records. 'F' is used for moving Forwards. This function is not available in
Browser but is available in Classic. 'H' function is used to move a record from history to the live table. This is
also known as History Restore. 'l' function allows the user to input or edit a record in an application. 'L'
function is used to list live records. P' is used for printing. 'R' is used to reverse a record. Once a record is
authorised it cannot be deleted. It can only be reversed. 'S' allows the user to view the records. V' is a special
function which is supported only by some applications in Transact. It is used to produce some extra
information and also performs some extra actions. V function is known as verify function. 'Q' stands for
Audit Review. It is a special function reserved for Auditors. The Q function does not appear by default. If
required, it must be added separately.

I Access » Screen Functions

• A— Authorize • p _ print
• 2 — 2nd Authorizer Permission • R — Reverse S _ See
• C — Copy • V —Verify
— Delete • B — Not used
• E — List exceptions (unauthorized • F — Not used
records)
• Q — Audit
• H — History restore
• I — Input
• L- List live records USER, Bum

35
02022 Temenos Headquarters SA - all rights reserved
 TEMENOS
Transact Security Management System Learning Commur,iby'

Access » Records level

Could you set a more refined restriction for a User? Imagine restricting a user based on data
values from the records that the user is going to try to access. Is this possible in Transact? The
answer is Yes. This type of restriction can be achieved by using the fields from COMPANY. RESTR
to DATA.TO. These fields form a multi-value set. The field COMPANY.RESTR can have the company
code which the user will be allowed to access. The APPLICATION field will hold the name of the
application which can be accessed by the user. The FUNCTION field will hold the function that
the user can perform in the specified application. FIELD NO is used to specify the field from the
application which will be used for comparison. There is a special way to specify this field name.
That is by using the syntax 'Application Name' followed by the Greater than' sign and then the
'Field Name' The DATA COMPARISON field must contain a valid operand that you wish to use for
the comparison. The different operands available are EQ, which stands for Equal To. This operand
can also be used to specify a range of values. GE stands for Greater than or Equal To GT stands
for Greater than LE stands for Less than or Equal To LT stands for Less than NE stands for Not
Equal To LK stands for Like And UL stands for Unlike The DATA FROM & DATA TO fields are used to
indicate the actual Values of the data for comparison. In the screenshot displayed, the Field No is
based on SECTOR. Therefore in DATA TO we are comparing to SECTOR 2000. If the SECTOR of the
CUSTOMER is less than equal to 2000 then this User would not be able to access the Customer
record.

I Access » Records level

e. TEMENOSCm-it/
02022 Temenos Headquarters SA - all rights reserved 36
 TEMENOS
Transact Security Management System Learning Communiby'

Access » Standard Mode

Let us start by understanding the standard mode. This is also known as the exclusive mode. Under this setup,
the field ALL.PG.INC on the SPF is either blank or set to NO. How does the system behave under this setup?
In the first screen shot displayed, we have a User that has ALL.PG. The functions are defined in the second
screen shot within the Function field. That is how the first set of multi-values is setup. On the second set of
multi-values, we have ACCOUNT in the application field where the Functions are only I A S D. This implies
that for all applications, the user has all functions, but for the ACCOUNT application, the user only has I A S D
functions. Because ACCOUNT is specified separately its functions override the functions on the first multi
value set

I Access » Standard Mode

• Standard Mode —
ALL.PG.INC field set as Null/NO.
• User record defined with first option to
use:
ALL.PG in the applications field and ALL in
the functions field and
ACCOUNT with just the 'l AS D'
• This setup will allow the user to restrict the
access to ACCOUNT application only for the
functions listed in the 2nd multi -v alue.

SA - dl s

02022 Temenos Headquarters SA - all rights reserved 38

 TEMENOS
Transact Security Management System Learning Communiby'

Access » Non-Standard Mode

We will now learn about the non-standard mode. This is also known as the inclusive mode. Under this setup
the field ALL.PG.INC on the SPF is set to YES. The system will now behave differently. In the screen shot
displayed, we have a User that has ALL.PG and functions P L S are defined. That is how the first set of multi-
values is setup. On the second set of multi-values, we have ACCOUNT in the application field but only I A D
functions. This implies that for all applications the user has P L S functions, but for the ACCOUNT application,
the user has P L S plus I A D functions. Any application specified separately will have its own functions plus
the functions specified on the ALL.PG multi-value set. This is why it is called the inclusive mode.

I Access » Non-Standard Mode

• Non-Standard Mode — ALL.PG.INC field
set as YES.
• User record defined with first option to
Use:
ALL.PG in the applications field and
'P L S' in the functions field and
ACCOUNT with just the 'l A D'
• The final setup: 'P LS I A D' for the
ACCOUNT application.

TEMENOS
Tom H SA - dl s

02022 Temenos Headquarters SA - all rights reserved 39

 TEMENOS
Transact Security Management System Learning Commur,iby'

Access » Menu » Initial Application

In Transact, there is a provision to assign Menus to Users based on their role or job profile. We can create
separate Menus for different groups of Users based on what they are required to do. The INIT APPLICATION
field is used to assign a specific Menu to a User. This is the Menu the User will see when he signs on to
Transact. The ID of the Menu is prefixed by a question mark. If left blank, then Menu number one is allocated
to the User. Menu number one is the default Model Bank Menu.

I Access » Menu » Initial Application

02022 Temenos Headquarters SA - all rights reserved 40